Can't access internal network from VPN using PIX 506E

Similar Messages

• Can not ping internal network from ASA

  I can not ping internal computer from ASA. Comp IP address 192.168.187.15, gateway is 192.168.187.14 which is ASA internal interface. I've got an IP Phone connected to the same ASA with Ip address 192.168.185.15 and internal ASA interface 192.168.185.14 and everything works fine. We are doing testing, do not be surprised of configuration.
  ASA Version 8.2(1)
  hostname ciscoasa
  enable password 8Ry2YjIyt7RRXU24 encrypted
  passwd 2KFQnbNIdI.2KYOU encrypted
  names
  dns-guard
  interface GigabitEthernet0/0
  nameif ouside3
  security-level 0
  ip address 10.254.17.25 255.255.255.248
  interface GigabitEthernet0/1
  nameif outside
  security-level 0
  ip address 10.254.17.9 255.255.255.248
  interface GigabitEthernet0/2
  nameif Lan
  security-level 100
  ip address 192.168.185.14 255.255.255.0
  interface GigabitEthernet0/3
  nameif comp
  security-level 50
  ip address 192.168.187.14 255.255.255.0
  interface Management0/0
  nameif management
  security-level 100
  no ip address
  management-only
  boot system disk0:/asa821-k8.bin
  ftp mode passive
  access-list 110 extended permit ip any any
  access-list nat extended permit ip any any
  access-list allow_ping extended permit icmp any any echo-reply
  access-list allow_ping extended permit icmp any any source-quench
  access-list allow_ping extended permit icmp any any unreachable
  access-list allow_ping extended permit icmp any any time-exceeded
  access-list allow_ping extended permit udp any any eq isakmp
  access-list allow_ping extended permit esp any any
  access-list allow_ping extended permit ah any any
  access-list allow_ping extended permit gre any any
  access-list nonat extended permit ip any any
  access-list nat2 extended permit ip any any
  access-list nonat2 extended permit ip any any
  pager lines 24
  logging asdm informational
  mtu ouside3 1500
  mtu outside 1500
  mtu Lan 1500
  mtu comp 1500
  mtu management 1500
  no failover
  icmp unreachable rate-limit 1 burst-size 1
  no asdm history enable
  arp timeout 14400
  global (outside) 1 interface
  nat (Lan) 0 access-list nonat
  nat (Lan) 1 access-list nat
  nat (comp) 0 access-list nonat
  nat (comp) 1 access-list nat
  access-group allow_ping in interface outside
  router eigrp 2008
  neighbor 10.254.17.10 interface outside
  network 10.254.17.8 255.255.255.248
  network 192.168.185.0 255.255.255.0
  network 192.168.187.0 255.255.255.0
  route outside 0.0.0.0 0.0.0.0 10.254.17.10 1
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  dynamic-access-policy-record DfltAccessPolicy
  http server enable
  http 192.168.1.0 255.255.255.0 management
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart
  crypto ipsec transform-set myset esp-3des esp-md5-hmac
  crypto ipsec security-association lifetime seconds 28800
  crypto ipsec security-association lifetime kilobytes 4608000
  crypto map mymap 10 match address 110
  crypto map mymap 10 set peer 10.254.17.10
  crypto map mymap 10 set transform-set myset
  crypto map mymap interface outside
  crypto map mymap2 20 match address 110
  crypto map mymap2 20 set peer 10.254.17.18
  crypto map mymap2 20 set transform-set myset
  crypto map mymap2 interface comp
  crypto map mymap3 30 match address 110
  crypto map mymap3 30 set peer 10.254.17.26
  crypto map mymap3 30 set transform-set myset
  crypto map mymap3 interface ouside3
  crypto isakmp identity address
  crypto isakmp enable ouside3
  crypto isakmp enable outside
  crypto isakmp enable comp
  crypto isakmp policy 10
  authentication pre-share
  encryption 3des
  hash md5
  group 2
  lifetime 28800
  no crypto isakmp nat-traversal
  telnet timeout 5
  ssh timeout 5
  console timeout 0
  priority-queue outside
  threat-detection basic-threat

  This is what I get, looks like ASA does not reply. Why?
  ciscoasa# sh capture cpi
  5 packets captured
  1: 05:20:14.494908 192.168.187.15 > 192.168.187.14: icmp: echo request
  2: 05:20:19.526935 192.168.187.15 > 192.168.187.14: icmp: echo request
  3: 05:20:25.026320 192.168.187.15 > 192.168.187.14: icmp: echo request
  4: 05:20:30.525699 192.168.187.15 > 192.168.187.14: icmp: echo request
  5: 05:20:36.025084 192.168.187.15 > 192.168.187.14: icmp: echo request

• Can't Access Internal Servers From Behind An ASA 5505

  Hi all.
  I am having some trouble accessing some backup Email (Outlook Web Access) and Citrix servers located behind an ASA 5505 firewall at a remote datacentre. Simply put, when I go to the specific URL (e.g. https://citrixdr.xxx.co.uk) I do not arrive at the splash page, I just get a message saying that the server took too long to respond in the web browser. I'm wondering whether I have missed something on the configuraiton or the firewall itself is not letting my requests through.
  The remote servers are located at a remote Disaster Recovery site and use the subnet 192.168.4.0/24. I am at head office which is connected to the DR site via a VPN using 192.168.1.0/24.
  My running configuration is below, if anyone could have a browse through it it would be much appreciated.
  LM-DR-ASA5505# show run
  : Saved
  ASA Version 8.2(5)
  hostname xxx
  domain-name xxx.local
  enable password 9tc.bMMQOdcEzWlK encrypted
  passwd zh5kKKD1zRf47kwr encrypted
  names
  name 216.82.240.0 MLT1
  name 67.219.240.0 MLT2
  name 85.158.136.0 MLT3
  name 95.131.104.0 MLT4
  name 46.226.48.0 MLT5
  name 117.120.16.0 MLT6
  name 193.109.254.0 MLT7
  name 194.106.220.0 MLT8
  name 195.245.230.0 MLT9
  name 103.3.96.0 MLT10
  name xxx.xxx.xxx.xxx citrixdr.xxx.co.uk
  name xxx.xxx.xxx.xxx maildr.xxx.co.uk
  name xxx.xxx.xxx.xxx webmaildr.xxx.co.uk
  name 192.168.4.23 LON-EXCH-03
  name 192.168.4.30 Citrix-Access-Gateway
  interface Ethernet0/0
  switchport access vlan 2
  interface Ethernet0/1
  interface Ethernet0/2
  interface Ethernet0/3
  interface Ethernet0/4
  interface Ethernet0/5
  interface Ethernet0/6
  interface Ethernet0/7
  interface Vlan1
  nameif inside
  security-level 100
  ip address 192.168.4.254 255.255.255.0
  interface Vlan2
  nameif outside
  security-level 0
  ip address xxx.xxx.xxx.xxx 255.255.255.248
  ftp mode passive
  dns server-group DefaultDNS
  domain-name xxx.local
  same-security-traffic permit inter-interface
  same-security-traffic permit intra-interface
  object-group service DM-INLINE-SERVICE
  service-object icmp
  service-object tcp eq www
  service-object tcp eq https
  object-group network VPN-REMOTE
  network-object 192.168.1.0 255.255.255.0
  object-group protocol PROTOCOL-LIST
  protocol-object ip
  protocol-object icmp
  protocol-object pim
  protocol-object pcp
  protocol-object snp
  protocol-object udp
  protocol-object igmp
  protocol-object ipinip
  protocol-object gre
  protocol-object esp
  protocol-object ah
  protocol-object tcp
  protocol-object eigrp
  protocol-object ospf
  protocol-object igrp
  protocol-object nos
  object-group service DM-INLINE-TCP-1 tcp
  port-object eq https
  port-object eq smtp
  object-group service DM-INLINE-TCP-2 tcp
  port-object eq www
  port-object eq https
  object-group network MESSAGE-LABS-TOWERS
  network-object MLT1 255.255.240.0
  network-object MLT2 255.255.240.0
  network-object MLT3 255.255.248.0
  network-object MLT4 255.255.248.0
  network-object MLT5 255.255.248.0
  network-object MLT6 255.255.248.0
  network-object MLT7 255.255.254.0
  network-object MLT8 255.255.254.0
  network-object MLT9 255.255.254.0
  network-object MLT10 255.255.252.0
  access-list inside-access-in extended permit ip 192.168.4.0 255.255.255.0 192.168.1.0 255.255.255.0
  access-list inside-access-in extended permit ip any any
  access-list inside-access-in extended permit ip 192.168.4.0 255.255.255.0 any
  access-list inside-access-in extended permit icmp any any
  access-list outside-access-in extended permit object-group DM-INLINE-SERVICE any any
  access-list outside-access-in extended permit ip 192.168.4.0 255.255.255.0 192.168.1.0 255.255.255.0
  access-list outside-access-in extended permit icmp 192.168.4.0 255.255.255.0 192.168.1.0 255.255.255.0
  access-list outside-access-in extended permit tcp any host webmaildr.xxx.co.uk object-group DM-INLINE-TCP-2
  access-list outside-access-in extended permit tcp any host maildr.xxx.co.uk object-group DM-INLINE-TCP-1
  access-list outside-access-in extended permit tcp any host citrixdr.xxx.co.uk eq https
  access-list outside-access-in extended permit tcp object-group MESSAGE-LABS-TOWERS host LON-EXCH-03 eq smtp
  access-list outside-1-cryptomap extended permit ip 192.168.4.0 255.255.255.0 host xxx.xxx.xxx.xxx
  access-list outside-1-cryptomap extended permit ip 192.168.4.0 255.255.255.0 192.168.1.0 255.255.255.0
  access-list 101 extended permit ip 192.168.4.0 255.255.255.0 192.168.1.0 255.255.255.0
  access-list inside-nat0-outbound extended permit ip 192.168.4.0 255.255.255.0 192.168.1.0 255.255.255.0
  access-list testcap extended permit icmp host 192.168.1.11 host 192.168.4.1
  pager lines 24
  logging enable
  logging asdm informational
  mtu inside 1500
  mtu outside 1500
  icmp unreachable rate-limit 1 burst-size 1
  icmp permit any outside
  no asdm history enable
  arp timeout 14400
  global (outside) 1 interface
  nat (inside) 0 access-list inside-nat0-outbound
  nat (inside) 1 0.0.0.0 0.0.0.0
  static (inside,outside) tcp citrixdr.xxx.co.uk https Citrix-Access-Gateway https netmask 255.255.255.255
  static (inside,outside) tcp maildr.xxx.co.uk smtp LON-EXCH-03 smtp netmask 255.255.255.255
  static (inside,outside) tcp webmaildr.xxx.co.uk https LON-EXCH-03 https netmask 255.255.255.255
  access-group inside-access-in in interface inside
  access-group outside-access-in in interface outside
  route outside 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx 1
  route outside 192.168.1.0 255.255.255.0 xxx.xxx.xxx.xxx 1
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  timeout floating-conn 0:00:00
  dynamic-access-policy-record DfltAccessPolicy
  aaa authentication ssh console LOCAL
  http server enable
  http xxx.xxx.xxx.xxx 255.255.255.255 outside
  http 192.168.4.0 255.255.255.0 inside
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart
  crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
  crypto ipsec security-association lifetime seconds 28800
  crypto ipsec security-association lifetime kilobytes 4608000
  crypto map outside-map 1 match address outside-1-cryptomap
  crypto map outside-map 1 set peer xxx.xxx.xxx.xxx
  crypto map outside-map 1 set transform-set ESP-3DES-SHA
  crypto map outside-map interface outside
  crypto isakmp enable inside
  crypto isakmp enable outside
  crypto isakmp policy 10
  authentication pre-share
  encryption 3des
  hash sha
  group 2
  lifetime 86400
  telnet 192.168.1.0 255.255.255.0 inside
  telnet 192.168.4.0 255.255.255.0 inside
  telnet 0.0.0.0 0.0.0.0 inside
  telnet xxx.xxx.xxx.xxx 255.255.255.255 outside
  telnet timeout 5
  ssh 192.168.1.0 255.255.255.0 inside
  ssh 192.168.4.0 255.255.255.0 inside
  ssh xxx.xxx.xxx.xxx 255.255.255.255 outside
  ssh xxx.xxx.xxx.xxx 255.255.255.255 outside
  ssh xxx.xxx.xxx.xxx 255.255.255.255 outside
  ssh timeout 5
  ssh version 2
  console timeout 0
  management-access inside
  threat-detection basic-threat
  threat-detection statistics access-list
  no threat-detection statistics tcp-intercept
  webvpn
  username xxx password LUZB8j2zj03xvSeF encrypted
  username xxx password RxEDmrZ7KCRzPu4T encrypted
  tunnel-group xxx.xxx.xxx.xxx type ipsec-l2l
  tunnel-group xxx.xxx.xxx.xxx ipsec-attributes
  pre-shared-key *****
  class-map inspection_default
  policy-map global_policy
  class inspection_default
    inspect icmp
  prompt hostname context
  no call-home reporting anonymous
  call-home
  profile CiscoTAC-1
    no active
    destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
    destination address email [email protected]
    destination transport-method http
    subscribe-to-alert-group diagnostic
    subscribe-to-alert-group environment
    subscribe-to-alert-group inventory periodic monthly
    subscribe-to-alert-group configuration periodic monthly
    subscribe-to-alert-group telemetry periodic daily
  Cryptochecksum:61e54b16fb87f1e6fa3b8d520e87ddc0
  : end

  Hi Jouni, thanks for your response.
  Turns out that the Citrix Access Gateway wasn't set up until yesterday evening and by then I had stopped trying for the day. It is now set up and external access is available.
  Further to this, my colleague forgot to inform me of the change of I.P. address of the Exchange server. This meant that Webmail requests were pointing to an I.P. address that didn't exist.
  I have reconfigured the firewall this morning and external access for Webmail is also working correctly.

• Can't access work IMAP from home

  Hi
  We're running mail service (IMAP) on OS X Server 10.3.9 at the office. Everything works fine when I'm on the network locally - I can send and receive external emails etc.
  However, I can't access the server from home using either the domain name or IP address. I used to be able to but we've recently changed ISP & router and I'm not sure if this has affected it. I assume the MX records for the domain are fine since we can send and receive.
  I'm not really an IT admin-type guy (it's just kinda become my responsibility) so I don't fully understand DNS, local domains etc.
  If anybody has any pointers, I'd really appreciate it.
  Thanks
  Ian
    Mac OS X (10.3.9)  
  PowerBook G4 1.5   Mac OS X (10.4.8)  
    Mac OS X (10.4.8)  

  Everything works fine when I'm on the network locally - I can send and receive external emails etc.
  However, I can't access the server from home using either the domain name or IP address. I used to be able to but we've recently changed ISP & router and I'm not sure if this has affected it.
  DNS Basics: the DNS server basically resolves a 'name' to an IP address. E.g. mail.mydomain.com to the IP address of the mailserver.
  When you are inside the local network (LAN), your computers probably find the server using a local IP address. When you are outside the LAN, then your computer will find it EITHER by using the public IP address of your firewall OR using a name which will resolve to the same.
  Since it worked before you changed ISPs, I'm guessing that you had it set explicitly to the WAN IP address. This will have changed with the change of ISP.
  Easiest way to fix this is to use the same host name as you MX record is set to. So if your MX record is mail.mydomain.com then use this as it is obviously resolving to the IP address of your mail server (or more exactly, the IP address of your firewall).
  NEXT, since your router has also changed (and I presume this is also your firewall) then you need to ensure that the imap port required (143) is open and port-forwarding to the internal IP address of the mail server.
  -david
      Server 10.4.8

• How can i share my network from timecapsule to other devices. The thing is i can use access internet from my macbook only.

  I have recently got a Time Capsule with my Macbook pro retina 15". I am trying to setup my time capsule as a wifi station at my home. But the thing is I can only access wifi from my lap only.
  How can I share my network from timecapsule to other devices, and im using OS X 10.8.2
  Please help me!
  Thanks in advance!
  (sorry for the bad english)

  How is the TC currently connected into the network?
  It should work fine in bridge and create a wireless network.. it should already be able to share the network without being the main router.
  Setting up wireless from wireless is difficult.
  I would recommend you buy the USB to ethernet cable Apple sell as an accessory for Air and MBPr so you can actually use ethernet when required.

• I saved photos from my Macbook Pro onto my Iphone (using itunes, 4 years ago). My macbook is now dead and I need to get the photos I saved off of my iphone 3GS transferred to a pc.  Any help...  From my PC I can only access "internal storage"

  I saved photos from my Macbook Pro onto my Iphone (using itunes, 4 years ago). My macbook is now dead and I need to get the photos I saved off of my iphone 3GS transferred to a pc.  Any help...  From my PC I can only access "internal storage"

  The iphone is not a storage/backup device.  The picture sycn is one way - computer to iphone.  The photos are also reduced in size when synced to iphone so they are not of the original quality
  It has always been very basic to always maintain a backup of your computer.
  Have you failed to do this?
  If so, not good at all, you can e-mail the pics to yourself - keep in mind they will never be of the original quality

• [HELP!] Can't access shared folder from Azure Web Role on same Azure Virtual Network

  I have an Azure Virtual Network that has a virtual machine acting like an app server running some legacy applications that is writing some files to a folder that is shared.
  This shared folder is accessible from other virtual machines within that virtual network without issue.
  The problem I am having is that I have an Azure Web Role that is also attached to the above
  Azure Virtual Network that is unable to access the shared folder. I know the web role can see the app server as it is able to ping the IP of the machine.
  There is some code that needs access to the shared folder to process some of the files that is stored there, but the code won't run because it can not access these files. I used Remote Desktop to see if I could ping the machine, and I can, but I cannot navigate
  to the path in file explorer due to access being denied.
  Can anyone offer any advice or tips to point me in the right direction to gain access to this shared folder from my Azure Web Role?

  Hi Robert,
  Thanks for your posting!
  Form your descirpiton, I suggest you can refer to Tom Zhang's solution via this
  link:
  1. Enable Remote Desktop. (You have done this step)
      2. RDP to one instance of your service. Open up IIS Manager and set the application pool identity to use the account that we used for RDP.
      3. On on-premise local machine, right click "My Computer' and select "Manage". Add a new account with the same account name and password as we specified for Remote Desktop.
      4. Give the new account necessary permissions to write file to the shared folder. (I think you have done this step too)
      5. Try running the code again and see if it works.
      6. If it still says "access to path <folder path located on local machine> is denied". Please check the permission of the shared folder again.
      7. If it works, then the next step is to configure the application pool identity using Startup Task instead of using Remote Desktop (See the suggestion inhttp://social.technet.microsoft.com/Forums/en-US/windowsazuresecurity/thread/247ba75e-87d9-497c-9ec6-1fd4e2c7ff90).
  But I still recommend you enable Remote Desktop for your web role to check if the Startup Task has successfully configured the application pool identity or not.
  Regards,
  Will
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• ASA 5505 VPN can't access connected network

  I have an ASA 5505 with ipsec VPN configured on it.  I am able to  connect to the ASA but I can't ping a connected network.  I get a dhcp  assigned address in the network I am trying to reach but can't access  that network on Vlan5.  Please help.
  I attached the config.

  I think final questions, can you have two nat statements that point to the same acl ie.
  access-list no_nat extended permit ip 192.168.9.0 255.255.255.0 192.168.0.0 255.255.255.0
  access-list no_nat extended permit ip 192.168.9.0 255.255.255.0 172.31.1.0 255.255.255.0
  access-list no_nat extended permit ip 192.168.5.0 255.255.255.0 192.168.5.0 255.255.255.0
  nat (inside) 0 access-list no_nat
  nat (inside) 1 192.168.9.0 255.255.255.0
  nat (fw-civic) 0 access-list no_nat
  nat (fw-civic) 1 192.168.5.0 255.255.255.0
  Or do I need to create a new acl for the fw-civic interface?
  Thanks

• HT4759 I can't access my mail from my iphone using os 3.13

  I have the original iphone running os3.13.
  I can't access my mail from this phone.
  I switched my mac book pro to icloud and now I can't request to keep my mail account on my iphone.
  What do I do?
  CC

  Delete your mail account from Mail preferences and set it up again using the Mail Server Information.

• Can you access Time Capsule From any where, or do you have to be on the same network

  Can you access Time Capsule From any where, or do you have to be on the same network

  check out the post by Tesserax in this discussion.

• I am unable to re-install itunes. The installer starts ok and then indicates that it can not access a network !!

  I am unable to re-install itunes. The installer starts ok and then indicates that it can not access a network !!  I have tried to uninstall but get the sme error message. I have used 3rd party software to uninstal but still have no joy. My pc is running Vista.
  Can you anyone offer a working solution ?

  Many thanks.
  Let's try the fixit from the following Microsoft document with that one:
  Fix problems with programs that can't be installed or uninstalled

• I've tried everything but can't access iTunes store from my ipad. Apple ID is fine and logged in to iTunes on pc. Still no luck. Anyone any other alternatives? Thx.

  I've tried everything but can't access iTunes store from my ipad. Apple ID is fine and logged in to iTunes on pc. Still no luck. Anyone any other alternatives? Thx.

  You may think you are connected to the internet, but maybe not. Click on Safari and see if it connects.
  Look at iOS Troubleshooting Wi-Fi networks and connections  http://support.apple.com/kb/TS1398
  iPad: Issues connecting to Wi-Fi networks  http://support.apple.com/kb/ts3304
  iOS: Recommended settings for Wi-Fi routers and access points  http://support.apple.com/kb/HT4199
  Additional things to try.
  Try this first. Turn Off your iPad. Then turn Off (disconnect power cord for 30 seconds or longer) the wireless router & then back On. Now boot your iPad. Hopefully it will see the WiFi.
  Go to Settings>Wi-Fi and turn Off. Then while at Settings>Wi-Fi, turn back On and chose a Network.
  Change the channel on your wireless router (Auto or Channel 6 is best). Instructions at http://macintoshhowto.com/advanced/how-to-get-a-good-range-on-your-wireless-netw ork.html
  Another thing to try - Go into your router security settings and change from WEP to WPA with AES.
  How to Quickly Fix iPad 3 Wi-Fi Reception Problems
  http://osxdaily.com/2012/03/21/fix-new-ipad-3-wi-fi-reception-problems/
  If none of the above suggestions work, look at this link.
  iPad Wi-Fi Problems: Comprehensive List of Fixes
  http://appletoolbox.com/2010/04/ipad-wi-fi-problems-comprehensive-list-of-fixes/
  Fix iPad Wifi Connection and Signal Issues  http://www.youtube.com/watch?v=uwWtIG5jUxE
  Fix Slow WiFi Issue https://discussions.apple.com/thread/2398063?start=60&tstart=0
  Unable to Connect After iOS Update - saw this solution on another post.
  https://discussions.apple.com/thread/4010130
  Note - When troubleshooting wifi connection problems, don't hold your iPad by hand. There have been a few reports that holding the iPad by hand, seems to attenuate the wifi signal.
  ~~~~~~~~~~~~~~~
  If any of the above solutions work, please post back what solved your problem. It will help others with the same problem.
  The Complete Guide to Using the iTunes Store
  http://www.ilounge.com/index.php/articles/comments/the-complete-guide-to-using-t he-itunes-store/
  Can't connect to the iTunes Store
  http://support.apple.com/kb/TS1368
  iTunes: Advanced iTunes Store troubleshooting
  http://support.apple.com/kb/TS3297
  This works for some users. Not sure why.
  Go to Settings>General>Date and Time> Set Automatically>Off. Set the date ahead by about a year.Then see if you can connect to the store.
   Cheers, Tom

• Can't access my dvr from safari

  Hi,
  I have a problem with safari.  I can't access my dvr from the browser.
  After I sign in to my dvr webpage this message comes instead of loading java: The requested URL was not found on this server
  I have this message when I try with Mozilla:
  CacheEntry[http://xx.xxx.xx.xx/application.jar]: updateAvailable=false,lastModified=Thu Jan 01 01:00:00 CET 1970,length=40266
  Missing Application-Name manifest attribute for: http://xx.xxx.xx.xx/application.jar
  Missing Permissions manifest attribute in main jar: http://xx.xxx.xx.xx/application.jar
  java.io.FileNotFoundException: abc (Permission denied)
  Thanks in advance for any help you can provide!

  Sorry... I didn't realize that this problem was common, not rare.
  I remove the Discussion-related cookies and restarted. I did get to the sign-in page this time, but after clicking the sign-in button, I got "An Internal Server Error Has Occurred." (Nothing else on the page.)
  I decided to check cookies again, and the same ones that I eliminated were back again. Needless to say, repeating the exercise didn't work.
  Resetting Safari is out of the question. I have years worth of settings and cookies stored there for a good reason, and I'm not going to start over from scratch. I can't imagine why anyone would, unless they have a whole lot of time on their hands.
  So... I've decided that this is Apple's problem. If I need Apple Discussions I'll use a browser that works.. which apparently is every browser except Safari. Now that's ironic!

• Can't access my mac from another computer

  Ok, i have been able to access my G5 mac using Tiger from my G4 PB using tiger in the past.
  I installed Leporad (family pack) on both machines. Now i can't access the G5 from the PB. the settings use to be correct. I kind of gave up, but i just would never get the log in or see the G5.
  Today, i finally had the oppurtunity to try using the Back to My Mac feature. My G5 was on at home and i had a wireless connection at work and needed a file on my G5. so i went to the shared section in the side bar and it wasn't there to access.
  When i got home i tried again. This time i could see the G5 in the side bar, but could not tell if it was through the internet or if i was seeing it through my wireless network.
  when i tried to access using the back to my mac by clicking on the shared volume in the side bar, i could not access it, it finally gave me an error message saying that the server may not be available.
  the weird thing is, if i choose to share screen, i could access the G5. I would get a log in window and log in no problem.
  the setting in my shared preference seem to be the same for both computers.
  any idea where to start on figuring this out.

  Today, i finally had the oppurtunity to try using the Back to My Mac feature. My G5 was on at home and i had a wireless connection at work and needed a file on my G5. so i went to the shared section in the side bar and it wasn't there to access.
  Do you have a .Mac account? And are both Macs setup to use the .Mac account? Without a .Mac account, the Back-to-My-Mac feature is not going to work, as you need .Mac to act as the middle man in establishing the connection.
  In addition, does your work have a corporate firewall? If it does, they most likely block the networking ports that BTMM uses.
  When i got home i tried again. This time i could see the G5 in the side bar, but could not tell if it was through the internet or if i was seeing it through my wireless network.
  Very likely this is local LAN via Bonjour.
  when i tried to access using the back to my mac by clicking on the shared volume in the side bar, i could not access it, it finally gave me an error message saying that the server may not be available.
  Do you have your Firewall enabled? Security System Preferences
  Did you enable Screen Sharing (I'm guessing you did, but I figure it is worth asking) Sharing System Preferences
  NOTE: I do not have a .Mac account, and my use of Screen Sharing has been just one or 2 experiments, but I figured I could at least ask some questions that might uncover something useful.

• Computer crashed and got a new one, but can't access previous purchases from iTunes.

  My PC crashed and I got a Mac, I can't get my old purchases from the iTunes store onto my new computer. Is there a way to get my purchases from the iTunes store on my new computer? It's showing all the songs/videos I bought but I can't access them.

  daffydaf2010 wrote:
  My PC crashed and I got a Mac...
  Welcome to the club
  I can't get my old purchases from the iTunes store onto my new computer. Is there a way to get my purchases from the iTunes store on my new computer? It's showing all the songs/videos I bought but I can't access them.
  When you purchase content from the iTunes Store it's downloaded to the storage/hard drive of the computer you purchased them on. You should have made a backup like iTunes warns you to do.
  However there is some hope, I can instruct you how to recover your content from the hard drive of the dead PC, provided the hard drive ITSELF still mechanically works and if your willing to perhaps spend some money and get your hands a bit dirty.
  Recovery option:
  I'm going to assume here that the PC is dead, either mechanically or the computer won't boot from the hard drive and you are willing to extract the hard drive from the computer and see if it works to get your data off.
  Be gentle, disconnect the power and remove the battery before carefully opening up the PC to remove the drive.
  Once you got the drive out there is a powered IDE/SATA to USB adapter for sale online for $20 that you can take that internal hard drive and use it like a external drive to access your files from another Windows machine.
  Your attempting to access a Windows NTFS drive from a Mac which can't read it, you need Paragons's NTFS for Mac® OS X software installed on the Mac first before hooking up the NTFS Windows formatted drive.
  Once you do that, you should be able to navigate to your Windows/Music folder and transfer the whole iTunes folder directly to the Mac desktop and also recover any other files you need as well.
  Good Luck